/**
 * 
 */
package common.liusany.admin.web.security;

import javax.annotation.Resource;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.Md5CredentialsMatcher;
import org.apache.shiro.session.mgt.SessionKey;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;

import common.liusany.admin.common.JCaptchaEngine;
import common.liusany.admin.service.security.CaptchaUsernamePasswordToken;
import common.liusany.admin.service.security.FormAuthenticationWithLockFilter;
import common.liusany.admin.service.security.IncorrectCaptchaException;
import common.liusany.admin.service.security.LoginCommand;
import com.octo.captcha.service.CaptchaService;
import com.octo.captcha.service.CaptchaServiceException;

/**
 * @author Administrator
 * 
 */
@Controller
@RequestMapping(value = "/security")
public final class LoginController {

	
	@RequestMapping(value = "/login", method = RequestMethod.GET)
	public String login(@ModelAttribute LoginCommand command) {
		System.out.println("login..........");
		return "security/login01";
	}

	@RequestMapping(value = "/login", method = RequestMethod.POST)
	public String fail(@RequestParam(FormAuthenticationFilter.DEFAULT_USERNAME_PARAM) String userName, 
			@ModelAttribute LoginCommand command,Model model,HttpServletRequest request) {
		model.addAttribute(FormAuthenticationFilter.DEFAULT_USERNAME_PARAM, userName);
		
		String error = (String) request.getAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
		
		System.out.println(error);
		
		if(SecurityUtils.getSubject().isAuthenticated()){
			return "redirect:/admin/page/main";
		}
		System.out.println("fail run ...........");
//		SecurityUtils.getSubject().logout();
//		System.out.println("login.....");
		return "security/login01";
	}
	
	
//	private static Logger logger = Logger.getLogger(LoginController.class);
//	private static  String redirectUrl = null;
//	public static final String SUCCESS = "admin/success";
//	public static final String ERROR = "admin/error";
//	@Resource
//	private CaptchaService captchaService;
//	
//	
//	@RequestMapping(value = "/tologin")
//	public String tologin(Model model, @ModelAttribute LoginCommand command){
//		return "security/login";
//	}
//	
//
//		
//		boolean isCaptcha;
//		try {
//			String captchaID = request.getSession().getId();
//			String challengeResponse = StringUtils.upperCase(request
//					.getParameter(JCaptchaEngine.CAPTCHA_INPUT_NAME));
//			isCaptcha = captchaService.validateResponseForID(captchaID,
//					challengeResponse);
//			
//			if(!isCaptcha){
//				model.addAttribute("message", "验证码错误,请重新输入!");
//				return "security/login";
//			}
//		} catch (Exception e) {
//			return "security/login";
//		}
//		
//			
//		CaptchaUsernamePasswordToken token = new CaptchaUsernamePasswordToken(command.getUsername(),
//			
//				command.getPassword(), command.getJ_captcha(), command.isRememberMe());
//		try {
//			SecurityUtils.getSubject().login(token);
//		}catch(CaptchaServiceException cs){//Invalid ID, could not validate unexisting or already validated captcha
//			return tologin(model, command);
//		}catch(ExcessiveAttemptsException ee){
//			model.addAttribute("message", "账户已被锁，请联系管理员.");
//			return tologin(model, command);
//		}catch(IncorrectCredentialsException ice){
//			model.addAttribute("message", "密码错误.");
//			return tologin(model, command);
//		}catch(IncorrectCaptchaException ic){
//			model.addAttribute("message", "验证码错误！");
//			return tologin(model, command);
//		}catch (AuthenticationException e) {
//			e.printStackTrace();
//			model.addAttribute("message", "用户名或密码错误！");
//			return tologin(model, command);
//		}
//		
//		//  "redirect:/"返回到项目初始访问页 index.jsp
//		return "redirect:/";
//			
//	}
//
//	/**
//	 * 退出登录
//	 * 
//	 * @param request
//	 * @return
//	 */
//	@RequestMapping(value = "/logout")
//	public String logout(HttpServletRequest request) {
//		SecurityUtils.getSubject().logout();
//		HttpSession session = request.getSession(false);
//		if (session != null) {
//			session.invalidate();
//		}
//		return "redirect:/";
//	}
	
	

}
